Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2006-09-28 | CVE-2006-2940 | Resource Management Errors vulnerability in Openssl | OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. | network | low complexity | openssl | CWE-399 | 7.8 |
| 2006-09-28 | CVE-2006-2937 | Resource Management Errors vulnerability in Openssl | OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. | network | low complexity | openssl | CWE-399 | 7.8 |
| 2006-09-28 | CVE-2006-5068 | Remote File Include vulnerability in BrudaNews/GrudaGB | PHP remote file inclusion vulnerability in admin/index.php in Brudaswen (1) BrudaNews 1.1 and earlier and (2) BrudaGB 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the o parameter. | network | low complexity | brudaswen | | 7.5 |
| 2006-09-28 | CVE-2006-5062 | Remote File Include vulnerability in PBLang Lang_NL.PHP | PHP remote file inclusion vulnerability in templates/pb/language/lang_nl.php in PBLang (PBL) 4.66z and earlier allows remote attackers to execute arbitrary PHP code via a URL in the temppath parameter. | network | low complexity | pblang | | 7.5 |
| 2006-09-28 | CVE-2006-5061 | Remote File Include vulnerability in AVCX MCF.PHP | PHP remote file inclusion vulnerability in mcf.php in Advanced-Clan-Script (AVCX) 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content parameter. | network | low complexity | advanced-clan-script | | 7.5 |
| 2006-09-28 | CVE-2006-5058 | Remote Buffer Overflow vulnerability in Activision products | Buffer overflow in (1) Call of Duty 1.5b and earlier, (2) Call of Duty United Offensive 1.51b and earlier, and (3) Call of Duty 2 1.3 and earlier allows remote attackers to execute arbitrary code via a long map argument to the "callvote map" command. | network | low complexity | activision | | 7.5 |
| 2006-09-28 | CVE-2006-5055 | Code Injection vulnerability in Forum ONE Syntaxcms 1.1.1/1.1.2/1.2.1 | PHP remote file inclusion vulnerability in admin/testing/tests/0004_init_urls.php in syntaxCMS 1.1.1 through 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the init_path parameter. | network | low complexity | forum-one | CWE-94 | 7.5 |
| 2006-09-28 | CVE-2006-5054 | SQL Injection vulnerability in Iyzi Forum Uye_Ayrinti.ASP | SQL injection vulnerability in uye/uye_ayrinti.asp in iyzi Forum 1 Beta 2 and earlier allows remote attackers to execute arbitrary SQL commands via the uye_nu parameter. | network | low complexity | iyzi-forum | | 7.5 |
| 2006-09-28 | CVE-2006-5053 | Remote File Include vulnerability in Web-News Template.PHP | PHP remote file inclusion vulnerability in webnews/template.php in Web-News 1.6.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content_page parameter. | network | low complexity | web-news | | 7.5 |
| 2006-09-27 | CVE-2006-5051 | Double Free vulnerability in multiple products | Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. | network | high complexity | openbsd debian apple | CWE-415 | 8.1 |